Friday, September 14, 2012

ACE30 Monitoring with SNMP


I have been preparing some KPI for ACE30 blades which can give me a macro status of all services provided in several contexts inside ACE.

The goal is to measure these KPIs with SNMP using MRTG for example, builing a graph.
The interesting mibs that can be monitored are:
- Number of connection currently in use per context
- Traffic in and out of the ACE30 blade (16G connection to the backplane)
- CPU

Regarding the number of connections, you have to do it per context based. So, you will need an IP address in each context for snmp pooling proposes.
In my MRTG I am using the mib:

enterprises.9.9.480.1.1.2.1.8.7.100.101.102.97.117.108.116.3

As for traffic, the best way (till now) is to browse your interfaces with "snmp mib ifindex ifmib" and get the interface id to the ACE30. It will come up as a TenG interface.

Tuesday, September 11, 2012

How port-channel works in cisco switches

Port-channel is a feature to aggregate 2 links in an interconnection to another switch. It is very usefull in the following cenarios: - Increasing the throughput by adding another link. For example, in a port-channel of 2 Gbps, if you need more throughput, you just have to add aother link to the port-channel. There is no downtime altough the hashing of the port-channel will change. - Very efecient for link upgrade cenario as you will not have STP rotation.

Things you should know about port-channel that are not very clear in documentation: - The maximum flow in a port-channel is the maximum link throught that you have. This is beacause the best Cisco equipments can do is IP Hashing. This means, that each IP will be associated to only one port. This means that any flow from any to that IP behing it will always have 1Gbps throughput. - Aggregation protocols are very important such as LACP. It will add keeplive checks up to the port-channel to garantee that it is still up. LACP fast can detect a failure really fast. - High CPU can bring down aggregation protocols, which could end in link down catastrophic cenarios.

Monday, September 10, 2012

CSM force failover

To perform CSM failover, execute the following comand on active unit: clear module contentSwitchingModule 4 ft active

CSM Redirect serverfarm

In some cenarios, you might want to convert your loadbalancer into a redirect engine. Some reasons for that are: - Controlling http to https redirect - During maintenance period you can redirect the website to another location during webserver down time. - Migration cenarios. The script to execute this is: module ContentSwitchingModule 3 serverfarm MYFARM_80 nat server no nat client redirect-vserver MYFARM_RED webhost relocation https://newsite.com inservice ! vserver MYFARM_80 virtual 10.1.1.140 tcp 80 serverfarm MYFARM_80 persistent rebalance inservice !